Navigation

Home

Reffley CommunityHall.

Reffley Lane.

Kings Lynn,

Norfolk

PE30 3EQ

01553 670785

Mission Statement

"To promote and encourage discussion and participation in arts and community events, issues, activities and groups in order to improve the quality of life for the whole community. To excite, engage, stimulate and fulfil. To manage and run the Community Hall and the land we lease for the benefit of the inhabitants of the Reffley Estate and local area."

"Alone we can do so little; together we can do so much"

CUSTOMER DATA PROTECTION (GDPR) PRIVACY NOTICE

This privacy statement explains what personal data Reffley Community Association (RCA) collects from you through our business relationship, how we will use that data and how you may amend the data that we hold. The processing of your data is necessary as you are asking RCA to take specific steps, by entering into a contract with us to hire a hall. We have a legitimate interest in the collection of your data, which is necessary to enable us to complete any contractual arrangements.

How we collect data.

Your information is collected from the booking form you complete at the time of entering into the contract.

What data do we collect?

We collect the data that you provide on the booking form and you have a duty to provide us with accurate information.

How do we use your data?

We use your data in order to create a contract between yourself and RCA.

We store your data in paper files and computer systems (email and cloud facilities). This information can only be accessed by employees of RCA and only when it is necessary in order to fulfill our part of the contract. The data is not passed to a third party.

Records held by us.

Reffley Community Association has an obligation to make data available to HMRC for a period of six years after the financial year in which the booking takes place. Data prior to this retention period will either be deleted or shredded as appropriate.

Your individual data protection rights.

You have the ‘right to be informed’ by way of this Privacy Notice of our obligations to provide transparency as to how we use personal data.

Your have a ‘right of access’to obtain confirmation that your data is being processed and have a right to access your data. Your also have a right to have collected data rectified if it is inaccurate or incomplete.

You have the right to have your data ‘ported’to other organisations with the UK & European Union.

You have the right to ‘object’ to the processing of data. You also have the right to ‘restrict or block’the processing of your data under certain circumstances such as when you contest the accuracy of the data. We can store the data but not process it.

All of the above rights are free of charge except in instances where requests are manifestly unfounded or excessive. All requests will be completed with a maximum of 30 days.

Security and breach notifications

The Data Protection rules require all organisations to report certain types of data protection breaches to the relevant supervisory authority and in some cases to the individuals affected.

Certain types of data breaches must be made to the Information Commissioner’s Office (ICO) and, in some cases, to you, the individual, within 72 hours of its discovery. We are required to notify the ICO of a breach where it is likely to result in a risk to the rights and freedoms of the individual, for instance if it could result in discrimination, damage to reputation, financial loss, loss of confidentiality or any other significant economic or social disadvantage. Where a breach is likely to result in a high risk to your rights and freedoms we will notify you.

We keep your data secure by operating secure passwords on computer programmes and back up data to ensure it is secure. We will take reasonable steps to safeguard your personal data against it being accessed unlawfully or maliciously by a third party. We also expect you to take reasonable steps to safeguard your own privacy when transferring information to us.

If you have any questions or comments about this document, or wish to make contact in order to exercise any of your rights set out within it please contact:

The Data Controller – Reffley Community Association by any of the means of contact at the top of this page.

You also have a right to contact the Information Commissioners Office if required whose contact details are: ico.org.uk/concerns, Telephone Helpline: 03031231113 or by writing to ICO Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

Data transfer out of the European Union:

Personal data may only be transferred out of the EU in compliance with the conditions for transfer set out in Chapter V of the GDPR. The recipient firm must have adequate safeguards and controls in place before the data is transferred to them.